Closed capsia37 closed 3 years ago
Hey @capsia37
thanks for reporting.
I was able to reproduce the error locally with your markdown image download branch.
The problem was the new version of image-download
.
For now i have pinned the version to 1.3.0
.
On my local maschine ( with node 14.16 --> you have 14.15 at gitlab ci ) i was able to run the build
command successfully.
If this doesn't solve your problem, feel free to reopen the ticket.
Thank you! Now it works great!
I've noticed that it is showing 4 vulnerabilities, but otherwise it is working very well.
# npm audit report
url-regex *
Severity: high
Regular Expression Denial of Service - https://npmjs.com/advisories/1550
No fix available
node_modules/url-regex
is-url-superb <=3.0.0
Depends on vulnerable versions of url-regex
node_modules/is-url-superb
image-download >=1.1.0
Depends on vulnerable versions of is-url-superb
node_modules/image-download
@noxify/gridsome-plugin-remark-image-download
Depends on vulnerable versions of image-download
node_modules/@noxify/gridsome-plugin-remark-image-download
4 high severity vulnerabilities
@capsia37 - have seen this vulnerabilities, too.
It seems that image-download
uses an outdated version of is-url-superb
- Used version is ^2.0.0
.
In the latest version of is-url-superb
( 5.0.0
) they removed the dependency to url-regex
.
The vulnerability is high
but i think it's not critical in our use case.
Hi, my current build fails with the following error:
TypeError: imageDownload is not a function
For the full log you can check: https://gitlab.com/ubports/infrastructure/devices.ubuntu-touch.io/-/jobs/1121427235
Code and configuration is available at: https://gitlab.com/ubports/infrastructure/devices.ubuntu-touch.io/-/tree/markdown-image-download
I have configured the plugin as written in the readme, if you think I've made a mistake in configuration let me know.
Thank you!